bpf: Prevent memory disambiguation attack
[linux/fpc-iii.git] / net / caif / chnl_net.c
blob53ecda10b79011064bf2aad6041e50a0089819e1
1 /*
2 * Copyright (C) ST-Ericsson AB 2010
3 * Authors: Sjur Brendeland
4 * Daniel Martensson
5 * License terms: GNU General Public License (GPL) version 2
6 */
8 #define pr_fmt(fmt) KBUILD_MODNAME ":%s(): " fmt, __func__
10 #include <linux/fs.h>
11 #include <linux/init.h>
12 #include <linux/module.h>
13 #include <linux/netdevice.h>
14 #include <linux/if_ether.h>
15 #include <linux/ip.h>
16 #include <linux/sched.h>
17 #include <linux/sockios.h>
18 #include <linux/caif/if_caif.h>
19 #include <net/rtnetlink.h>
20 #include <net/caif/caif_layer.h>
21 #include <net/caif/cfpkt.h>
22 #include <net/caif/caif_dev.h>
24 /* GPRS PDP connection has MTU to 1500 */
25 #define GPRS_PDP_MTU 1500
26 /* 5 sec. connect timeout */
27 #define CONNECT_TIMEOUT (5 * HZ)
28 #define CAIF_NET_DEFAULT_QUEUE_LEN 500
29 #define UNDEF_CONNID 0xffffffff
31 /*This list is protected by the rtnl lock. */
32 static LIST_HEAD(chnl_net_list);
34 MODULE_LICENSE("GPL");
35 MODULE_ALIAS_RTNL_LINK("caif");
37 enum caif_states {
38 CAIF_CONNECTED = 1,
39 CAIF_CONNECTING,
40 CAIF_DISCONNECTED,
41 CAIF_SHUTDOWN
44 struct chnl_net {
45 struct cflayer chnl;
46 struct caif_connect_request conn_req;
47 struct list_head list_field;
48 struct net_device *netdev;
49 char name[256];
50 wait_queue_head_t netmgmt_wq;
51 /* Flow status to remember and control the transmission. */
52 bool flowenabled;
53 enum caif_states state;
56 static void robust_list_del(struct list_head *delete_node)
58 struct list_head *list_node;
59 struct list_head *n;
60 ASSERT_RTNL();
61 list_for_each_safe(list_node, n, &chnl_net_list) {
62 if (list_node == delete_node) {
63 list_del(list_node);
64 return;
67 WARN_ON(1);
70 static int chnl_recv_cb(struct cflayer *layr, struct cfpkt *pkt)
72 struct sk_buff *skb;
73 struct chnl_net *priv;
74 int pktlen;
75 const u8 *ip_version;
76 u8 buf;
78 priv = container_of(layr, struct chnl_net, chnl);
79 if (!priv)
80 return -EINVAL;
82 skb = (struct sk_buff *) cfpkt_tonative(pkt);
84 /* Get length of CAIF packet. */
85 pktlen = skb->len;
87 /* Pass some minimum information and
88 * send the packet to the net stack.
90 skb->dev = priv->netdev;
92 /* check the version of IP */
93 ip_version = skb_header_pointer(skb, 0, 1, &buf);
94 if (!ip_version) {
95 kfree_skb(skb);
96 return -EINVAL;
99 switch (*ip_version >> 4) {
100 case 4:
101 skb->protocol = htons(ETH_P_IP);
102 break;
103 case 6:
104 skb->protocol = htons(ETH_P_IPV6);
105 break;
106 default:
107 kfree_skb(skb);
108 priv->netdev->stats.rx_errors++;
109 return -EINVAL;
112 /* If we change the header in loop mode, the checksum is corrupted. */
113 if (priv->conn_req.protocol == CAIFPROTO_DATAGRAM_LOOP)
114 skb->ip_summed = CHECKSUM_UNNECESSARY;
115 else
116 skb->ip_summed = CHECKSUM_NONE;
118 if (in_interrupt())
119 netif_rx(skb);
120 else
121 netif_rx_ni(skb);
123 /* Update statistics. */
124 priv->netdev->stats.rx_packets++;
125 priv->netdev->stats.rx_bytes += pktlen;
127 return 0;
130 static int delete_device(struct chnl_net *dev)
132 ASSERT_RTNL();
133 if (dev->netdev)
134 unregister_netdevice(dev->netdev);
135 return 0;
138 static void close_work(struct work_struct *work)
140 struct chnl_net *dev = NULL;
141 struct list_head *list_node;
142 struct list_head *_tmp;
144 rtnl_lock();
145 list_for_each_safe(list_node, _tmp, &chnl_net_list) {
146 dev = list_entry(list_node, struct chnl_net, list_field);
147 if (dev->state == CAIF_SHUTDOWN)
148 dev_close(dev->netdev);
150 rtnl_unlock();
152 static DECLARE_WORK(close_worker, close_work);
154 static void chnl_hold(struct cflayer *lyr)
156 struct chnl_net *priv = container_of(lyr, struct chnl_net, chnl);
157 dev_hold(priv->netdev);
160 static void chnl_put(struct cflayer *lyr)
162 struct chnl_net *priv = container_of(lyr, struct chnl_net, chnl);
163 dev_put(priv->netdev);
166 static void chnl_flowctrl_cb(struct cflayer *layr, enum caif_ctrlcmd flow,
167 int phyid)
169 struct chnl_net *priv = container_of(layr, struct chnl_net, chnl);
170 pr_debug("NET flowctrl func called flow: %s\n",
171 flow == CAIF_CTRLCMD_FLOW_ON_IND ? "ON" :
172 flow == CAIF_CTRLCMD_INIT_RSP ? "INIT" :
173 flow == CAIF_CTRLCMD_FLOW_OFF_IND ? "OFF" :
174 flow == CAIF_CTRLCMD_DEINIT_RSP ? "CLOSE/DEINIT" :
175 flow == CAIF_CTRLCMD_INIT_FAIL_RSP ? "OPEN_FAIL" :
176 flow == CAIF_CTRLCMD_REMOTE_SHUTDOWN_IND ?
177 "REMOTE_SHUTDOWN" : "UKNOWN CTRL COMMAND");
181 switch (flow) {
182 case CAIF_CTRLCMD_FLOW_OFF_IND:
183 priv->flowenabled = false;
184 netif_stop_queue(priv->netdev);
185 break;
186 case CAIF_CTRLCMD_DEINIT_RSP:
187 priv->state = CAIF_DISCONNECTED;
188 break;
189 case CAIF_CTRLCMD_INIT_FAIL_RSP:
190 priv->state = CAIF_DISCONNECTED;
191 wake_up_interruptible(&priv->netmgmt_wq);
192 break;
193 case CAIF_CTRLCMD_REMOTE_SHUTDOWN_IND:
194 priv->state = CAIF_SHUTDOWN;
195 netif_tx_disable(priv->netdev);
196 schedule_work(&close_worker);
197 break;
198 case CAIF_CTRLCMD_FLOW_ON_IND:
199 priv->flowenabled = true;
200 netif_wake_queue(priv->netdev);
201 break;
202 case CAIF_CTRLCMD_INIT_RSP:
203 caif_client_register_refcnt(&priv->chnl, chnl_hold, chnl_put);
204 priv->state = CAIF_CONNECTED;
205 priv->flowenabled = true;
206 netif_wake_queue(priv->netdev);
207 wake_up_interruptible(&priv->netmgmt_wq);
208 break;
209 default:
210 break;
214 static int chnl_net_start_xmit(struct sk_buff *skb, struct net_device *dev)
216 struct chnl_net *priv;
217 struct cfpkt *pkt = NULL;
218 int len;
219 int result = -1;
220 /* Get our private data. */
221 priv = netdev_priv(dev);
223 if (skb->len > priv->netdev->mtu) {
224 pr_warn("Size of skb exceeded MTU\n");
225 kfree_skb(skb);
226 dev->stats.tx_errors++;
227 return NETDEV_TX_OK;
230 if (!priv->flowenabled) {
231 pr_debug("dropping packets flow off\n");
232 kfree_skb(skb);
233 dev->stats.tx_dropped++;
234 return NETDEV_TX_OK;
237 if (priv->conn_req.protocol == CAIFPROTO_DATAGRAM_LOOP)
238 swap(ip_hdr(skb)->saddr, ip_hdr(skb)->daddr);
240 /* Store original SKB length. */
241 len = skb->len;
243 pkt = cfpkt_fromnative(CAIF_DIR_OUT, (void *) skb);
245 /* Send the packet down the stack. */
246 result = priv->chnl.dn->transmit(priv->chnl.dn, pkt);
247 if (result) {
248 dev->stats.tx_dropped++;
249 return NETDEV_TX_OK;
252 /* Update statistics. */
253 dev->stats.tx_packets++;
254 dev->stats.tx_bytes += len;
256 return NETDEV_TX_OK;
259 static int chnl_net_open(struct net_device *dev)
261 struct chnl_net *priv = NULL;
262 int result = -1;
263 int llifindex, headroom, tailroom, mtu;
264 struct net_device *lldev;
265 ASSERT_RTNL();
266 priv = netdev_priv(dev);
267 if (!priv) {
268 pr_debug("chnl_net_open: no priv\n");
269 return -ENODEV;
272 if (priv->state != CAIF_CONNECTING) {
273 priv->state = CAIF_CONNECTING;
274 result = caif_connect_client(dev_net(dev), &priv->conn_req,
275 &priv->chnl, &llifindex,
276 &headroom, &tailroom);
277 if (result != 0) {
278 pr_debug("err: "
279 "Unable to register and open device,"
280 " Err:%d\n",
281 result);
282 goto error;
285 lldev = __dev_get_by_index(dev_net(dev), llifindex);
287 if (lldev == NULL) {
288 pr_debug("no interface?\n");
289 result = -ENODEV;
290 goto error;
293 dev->needed_tailroom = tailroom + lldev->needed_tailroom;
294 dev->hard_header_len = headroom + lldev->hard_header_len +
295 lldev->needed_tailroom;
298 * MTU, head-room etc is not know before we have a
299 * CAIF link layer device available. MTU calculation may
300 * override initial RTNL configuration.
301 * MTU is minimum of current mtu, link layer mtu pluss
302 * CAIF head and tail, and PDP GPRS contexts max MTU.
304 mtu = min_t(int, dev->mtu, lldev->mtu - (headroom + tailroom));
305 mtu = min_t(int, GPRS_PDP_MTU, mtu);
306 dev_set_mtu(dev, mtu);
308 if (mtu < 100) {
309 pr_warn("CAIF Interface MTU too small (%d)\n", mtu);
310 result = -ENODEV;
311 goto error;
315 rtnl_unlock(); /* Release RTNL lock during connect wait */
317 result = wait_event_interruptible_timeout(priv->netmgmt_wq,
318 priv->state != CAIF_CONNECTING,
319 CONNECT_TIMEOUT);
321 rtnl_lock();
323 if (result == -ERESTARTSYS) {
324 pr_debug("wait_event_interruptible woken by a signal\n");
325 result = -ERESTARTSYS;
326 goto error;
329 if (result == 0) {
330 pr_debug("connect timeout\n");
331 caif_disconnect_client(dev_net(dev), &priv->chnl);
332 priv->state = CAIF_DISCONNECTED;
333 pr_debug("state disconnected\n");
334 result = -ETIMEDOUT;
335 goto error;
338 if (priv->state != CAIF_CONNECTED) {
339 pr_debug("connect failed\n");
340 result = -ECONNREFUSED;
341 goto error;
343 pr_debug("CAIF Netdevice connected\n");
344 return 0;
346 error:
347 caif_disconnect_client(dev_net(dev), &priv->chnl);
348 priv->state = CAIF_DISCONNECTED;
349 pr_debug("state disconnected\n");
350 return result;
354 static int chnl_net_stop(struct net_device *dev)
356 struct chnl_net *priv;
358 ASSERT_RTNL();
359 priv = netdev_priv(dev);
360 priv->state = CAIF_DISCONNECTED;
361 caif_disconnect_client(dev_net(dev), &priv->chnl);
362 return 0;
365 static int chnl_net_init(struct net_device *dev)
367 struct chnl_net *priv;
368 ASSERT_RTNL();
369 priv = netdev_priv(dev);
370 strncpy(priv->name, dev->name, sizeof(priv->name));
371 return 0;
374 static void chnl_net_uninit(struct net_device *dev)
376 struct chnl_net *priv;
377 ASSERT_RTNL();
378 priv = netdev_priv(dev);
379 robust_list_del(&priv->list_field);
382 static const struct net_device_ops netdev_ops = {
383 .ndo_open = chnl_net_open,
384 .ndo_stop = chnl_net_stop,
385 .ndo_init = chnl_net_init,
386 .ndo_uninit = chnl_net_uninit,
387 .ndo_start_xmit = chnl_net_start_xmit,
390 static void chnl_net_destructor(struct net_device *dev)
392 struct chnl_net *priv = netdev_priv(dev);
393 caif_free_client(&priv->chnl);
396 static void ipcaif_net_setup(struct net_device *dev)
398 struct chnl_net *priv;
399 dev->netdev_ops = &netdev_ops;
400 dev->needs_free_netdev = true;
401 dev->priv_destructor = chnl_net_destructor;
402 dev->flags |= IFF_NOARP;
403 dev->flags |= IFF_POINTOPOINT;
404 dev->mtu = GPRS_PDP_MTU;
405 dev->tx_queue_len = CAIF_NET_DEFAULT_QUEUE_LEN;
407 priv = netdev_priv(dev);
408 priv->chnl.receive = chnl_recv_cb;
409 priv->chnl.ctrlcmd = chnl_flowctrl_cb;
410 priv->netdev = dev;
411 priv->conn_req.protocol = CAIFPROTO_DATAGRAM;
412 priv->conn_req.link_selector = CAIF_LINK_HIGH_BANDW;
413 priv->conn_req.priority = CAIF_PRIO_LOW;
414 /* Insert illegal value */
415 priv->conn_req.sockaddr.u.dgm.connection_id = UNDEF_CONNID;
416 priv->flowenabled = false;
418 init_waitqueue_head(&priv->netmgmt_wq);
422 static int ipcaif_fill_info(struct sk_buff *skb, const struct net_device *dev)
424 struct chnl_net *priv;
425 u8 loop;
426 priv = netdev_priv(dev);
427 if (nla_put_u32(skb, IFLA_CAIF_IPV4_CONNID,
428 priv->conn_req.sockaddr.u.dgm.connection_id) ||
429 nla_put_u32(skb, IFLA_CAIF_IPV6_CONNID,
430 priv->conn_req.sockaddr.u.dgm.connection_id))
431 goto nla_put_failure;
432 loop = priv->conn_req.protocol == CAIFPROTO_DATAGRAM_LOOP;
433 if (nla_put_u8(skb, IFLA_CAIF_LOOPBACK, loop))
434 goto nla_put_failure;
435 return 0;
436 nla_put_failure:
437 return -EMSGSIZE;
441 static void caif_netlink_parms(struct nlattr *data[],
442 struct caif_connect_request *conn_req)
444 if (!data) {
445 pr_warn("no params data found\n");
446 return;
448 if (data[IFLA_CAIF_IPV4_CONNID])
449 conn_req->sockaddr.u.dgm.connection_id =
450 nla_get_u32(data[IFLA_CAIF_IPV4_CONNID]);
451 if (data[IFLA_CAIF_IPV6_CONNID])
452 conn_req->sockaddr.u.dgm.connection_id =
453 nla_get_u32(data[IFLA_CAIF_IPV6_CONNID]);
454 if (data[IFLA_CAIF_LOOPBACK]) {
455 if (nla_get_u8(data[IFLA_CAIF_LOOPBACK]))
456 conn_req->protocol = CAIFPROTO_DATAGRAM_LOOP;
457 else
458 conn_req->protocol = CAIFPROTO_DATAGRAM;
462 static int ipcaif_newlink(struct net *src_net, struct net_device *dev,
463 struct nlattr *tb[], struct nlattr *data[],
464 struct netlink_ext_ack *extack)
466 int ret;
467 struct chnl_net *caifdev;
468 ASSERT_RTNL();
469 caifdev = netdev_priv(dev);
470 caif_netlink_parms(data, &caifdev->conn_req);
472 ret = register_netdevice(dev);
473 if (ret)
474 pr_warn("device rtml registration failed\n");
475 else
476 list_add(&caifdev->list_field, &chnl_net_list);
478 /* Use ifindex as connection id, and use loopback channel default. */
479 if (caifdev->conn_req.sockaddr.u.dgm.connection_id == UNDEF_CONNID) {
480 caifdev->conn_req.sockaddr.u.dgm.connection_id = dev->ifindex;
481 caifdev->conn_req.protocol = CAIFPROTO_DATAGRAM_LOOP;
483 return ret;
486 static int ipcaif_changelink(struct net_device *dev, struct nlattr *tb[],
487 struct nlattr *data[],
488 struct netlink_ext_ack *extack)
490 struct chnl_net *caifdev;
491 ASSERT_RTNL();
492 caifdev = netdev_priv(dev);
493 caif_netlink_parms(data, &caifdev->conn_req);
494 netdev_state_change(dev);
495 return 0;
498 static size_t ipcaif_get_size(const struct net_device *dev)
500 return
501 /* IFLA_CAIF_IPV4_CONNID */
502 nla_total_size(4) +
503 /* IFLA_CAIF_IPV6_CONNID */
504 nla_total_size(4) +
505 /* IFLA_CAIF_LOOPBACK */
506 nla_total_size(2) +
510 static const struct nla_policy ipcaif_policy[IFLA_CAIF_MAX + 1] = {
511 [IFLA_CAIF_IPV4_CONNID] = { .type = NLA_U32 },
512 [IFLA_CAIF_IPV6_CONNID] = { .type = NLA_U32 },
513 [IFLA_CAIF_LOOPBACK] = { .type = NLA_U8 }
517 static struct rtnl_link_ops ipcaif_link_ops __read_mostly = {
518 .kind = "caif",
519 .priv_size = sizeof(struct chnl_net),
520 .setup = ipcaif_net_setup,
521 .maxtype = IFLA_CAIF_MAX,
522 .policy = ipcaif_policy,
523 .newlink = ipcaif_newlink,
524 .changelink = ipcaif_changelink,
525 .get_size = ipcaif_get_size,
526 .fill_info = ipcaif_fill_info,
530 static int __init chnl_init_module(void)
532 return rtnl_link_register(&ipcaif_link_ops);
535 static void __exit chnl_exit_module(void)
537 struct chnl_net *dev = NULL;
538 struct list_head *list_node;
539 struct list_head *_tmp;
540 rtnl_link_unregister(&ipcaif_link_ops);
541 rtnl_lock();
542 list_for_each_safe(list_node, _tmp, &chnl_net_list) {
543 dev = list_entry(list_node, struct chnl_net, list_field);
544 list_del(list_node);
545 delete_device(dev);
547 rtnl_unlock();
550 module_init(chnl_init_module);
551 module_exit(chnl_exit_module);